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Instead  of  a  Talk  Outline 

Essentially  about  2  things: 

•  Integration  of  Automation  & 
Enterprise  IT  in  the  Cloud 

•  How  do  Safety  and  Security 
play  in  it? 
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Typical  Automation  System  (SCADA) 
Architecture 
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Typical  Enterprise  IT  Architecture 


FGCU— ’ 


Coiyrrijii  JdM  -j/  t 


rO - 

Problems  with  Separate  SCADA  and  IT 
Infrastructure 

•  IT  system  maintained  by  corporate  IT 

•  Typically  CS/CIS/IT/MIS  graduates 

•  SCADA  system  maintained  by  process  control 
engineers 

•  Typically  EE/ME/ChE  graduates 

•  Two  separate  maintenance  hierarchies 

•  SCADA  engineers  not  very  familiar  with  IT  problems 
and  vice  versa 
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Similarities  Between  SCADA  and  IT 
Systems 

•  Both  are  monitored  24x7x365 

•  Both  have  availability,  reliability,  safety,  and  security 
requirements 

•  Both  have  distributed  nature 

•  Both  have  centralized  hubs:  servers  in  the  case  of  IT 
and  master  terminal  unit  in  the  case  of  SCADA 

•  and ... 
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Similarities  Between  SCADA  and  IT 
Systems 

•  Both  are  monitored  24x7x365 

•  Both  have  availability,  reliability,  safety,  and  security 
requirements 

•  Both  have  distributed  nature 

•  Both  have  centralized  hubs:  servers  in  the  case  of  IT 
and  master  terminal  unit  in  the  case  of  SCADA 

•  Both  can  be  integrated  to  run  in  the  cloud 
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I  integrated  Cloud-based  I  nf rastructure 
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Integrated  Architecture  Advantages 

•  All  operations  handled  through  cloud  service  provider 

•  SCADA  components  and  IT  components  integrated  through 
the  cloud 

•  IT  components  need  middleware  (running  in  cloud  data 
center)  to  link  them  to  the  correct  servers 

•  SCADA  components  need  middleware  (running  in  cloud  data 
center)  to  link  them  to  the  correct  master  and  historian 

•  Security  becomes  more  affordable  for  the  organization  for 
both  IT  and  SCADA  infrastructure 

•  IT  and  SCADA  can  be  interlinked  in  the  cloud  improving 
security  of  inter-system  access 

•  Provides  for  better  management  of  both  IT  and  SCADA 
systems 
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When  do  you  use  Cloud? 


Source:  “Cloud  Computing  for  Mobile  Users:  Can  Offloading  Computation  Save  Energy”, 
K.  Kumar  and  Y-H  Lu,  IEEE  Computer,  April  2010,  pp.  51  -  56.  FGCU 
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Where  is  SCADA? 


Computation  £ 


SCADA  is  in  this  region 
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Critical  System  Properties: 

•  Safety 

•  Security 

•  Reliability 

•  Availability 

•  others 

Can  they  be  transferred  to  the  Cloud? 
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Safety  vs.  Security:  General  View 

•  Safety  is  concerned  when  a  technical  or  social 
system  negatively  affects  the  environment 

Latest  example:  Fukushima  Nuclear  Power  Plant 

•  Security ... 


FGCU— ’ 


Coiyrrijii  ^  J 60S  -j/  SiaFai-J  t 


r 


Safety  vs.  Security:  General  View 

•  Safety  is  concerned  when  a  technical  or  social 
system  negatively  affects  the  environment 

Latest  example:  Fukushima  Nuclear  Power  Plant 

•  Security  is  concerned  when  an  Environment 
negatively  affects  the  technical  or  social  system 

Latest  example:  Wikileaks  release  of  classified 
information 
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Safety  vs.  Security:  General  View 

•  Safety  is  concerned  when  a  technical  or  social 
system  negatively  affects  the  environment 

Latest  example:  Fukushima  Nuclear  Power  Plant 

•  Security  is  concerned  when  an  Environment 
negatively  affects  the  technical  or  social  system 

Latest  example:  wiki  leaks  release  of  classified 
information 

•  In  both  cases,  the  system  must  continue  functioning 

•  In  both  cases,  safety  and  security  affect  each  other 
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Safety  vs.  Security:  General  View 

•  Safety  and  Security  are  negative  properties 

This  means  that  there  are  generally  not  measurable, 
since  there  are  no  computable  functions  that  would 
map  respective  properties  onto  a  number  set 

•  Thus ... 
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Safety  vs.  Security:  General  View 

•  Safety  and  Security  are  negative  properties 

This  means  that  there  are  generally  not  measurable, 
since  there  are  no  computable  functions  that  would 
map  respective  properties  onto  a  number  set 

•  The  only  practical  way  to  evaluate  Safety  and  Security 
is  modeling: 

-  modeling  hazards  for  Safety  assessment,  and 

-  modeling  threats  for  Security  assessment. 
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Example  of  a  Modeling  Architecture 
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Example  of  a  Modeling  Architecture 
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Example  of  a  Modeling  Architecture 
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Example  of  Modeling  Security 

Markov  Diagram  -  Markovl 


Source:  “Availability  Assessment  of  Embedded  Systems  with  Security  Vulnerabilities”, 
A.  Kornecki  and  J.  Zalewski,  34th  IEEE  Software  Engineering  Workshop, 
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Conclusion 

There  are  multiple  advantages  of  an  integrated  architecture 

•  Essential  operations  handle  through  cloud  service  provider 

•  IT  and  SCADA  can  be  interlinked  and  integrated 

•  Better  management  of  SCADA  and  IT  systems 
However ... 
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Conclusion 

There  are  multiple  advantages  of  an  integrated  architecture 

•  Essential  operations  handle  through  cloud  service  provider 

•  IT  and  SCADA  can  be  interlinked  and  integrated 

•  Better  management  of  SCADA  and  IT  systems 

Transferring  Safety  and  Security  to  the  Cloud  requires  attention 

•  A  cloud-based  system  should  not  affect  the  overall  computing 
system  safety  -  should  professional  management  take  care  of 
data  centers  and  associated  hardware  and  software? 

•  A  cloud-based  system  makes  the  overall  computing  system 
secure  -  should  professionals  take  care  of  security  issues  at 
a  central  location? 

•  Enterprise  IT  and  process  control  system  divisions  can  focus 
on  their  core  missions 
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